Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Derby Security Vulnerabilities - CVSS Score 9 - 10

cve
cve

CVE-2015-1832

XML external entity (XXE) vulnerability in the SqlXmlUtil code in Apache Derby before 10.12.1.1, when a Java Security Manager is not in place, allows context-dependent attackers to read arbitrary files or cause a denial of service (resource consumption) via vectors involving XmlVTI and the XML data...

9.1CVSS

8.8AI Score

0.008EPSS

2016-10-03 09:59 PM
109
cve
cve

CVE-2022-46337

A cleverly devised username might bypass LDAP authentication checks. InLDAP-authenticated Derby installations, this could let an attacker fillup the disk by creating junk Derby databases. In LDAP-authenticatedDerby installations, this could also allow the attacker to executemalware which was visibl...

9.8CVSS

9.6AI Score

0.002EPSS

2023-11-20 09:15 AM
99